[BruCERT] Alert on global spread of Ransomware Petya

Background

On 27th June 2017, BruCERT was alerted to the global spread of a ransomware inspired by WannaCry, identified as Petya.Petya is more dangerous and intrusive as its behaviour is to encrypt the Master File Tree (MFT) tables for NTFS partitions and overrides the Master Boot Record (MBR) with a custom bootloader to display a ransom note and prevents victims from booting up. The new Petya version also included a similar SMB work based on the EternalBlue exploit.

Security News

Alerts